[Twisted-Python] Issues stemming from CVE-2014-1912?

[Dustin J. Mitchell]

https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/
identified a remote code execution vulnerability in Python's
`Socket.recvfrom_into method`.  Some brief grepping around the Twisted
source doesn't find this method, but I'd be interested to hear what
the maintainers have to say on the matter: is a twisted app which
doesn't, itself use this method safe?

Dustin

___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

[Twisted-Python] listenTCP & listenSSL failing silently?

[Matthew Pounsett]

I’ve bumped into a weird one, and can’t figure out what I’m missing.  

for iface in interfaces:
for port in ports:
logger.debug("Listening on {}:{}".format(iface, port))
if use_ssl:
reactor.listenSSL(port, factory,
ssl.DefaultOpenSSLContextFactory(ssl_key, ssl_cert),
interface=iface)
else:
reactor.listenTCP(port, factory, interface=iface)

In the above code block, listenSSL() and listenTCP() both fail silently.  They 
do not raise an exception, and netstat reports nothing listening on the 
appropriate port.  

Even weirder, if I assign the results of listenSSL() and listenTCP(), then then 
a v6 connection will succeed but v4 still fails (silently).

I get the same behaviour for both (so, regardless of the value of use_ssl in 
this code).

for iface in interfaces:
for port in ports:
logger.debug("Listening on {}:{}".format(iface, port))
if use_ssl:
connector = reactor.listenSSL(port, factory,
ssl.DefaultOpenSSLContextFactory(ssl_key, ssl_cert),
interface=iface)
else:
connector = reactor.listenTCP(port, factory, interface=iface)
logger.debug( "Connected with connector: {}".format(connector))
logger.debug( "Connector on host {}".format(connector.getHost()))


19:33:43 http   Listening on 127.0.0.1:1812
19:33:43 http   Connected with connector: < of twisted.protocols.tls.TLSMemoryBIOFactory on 
1812>
19:33:43 http   Connector on host IPv4Address(TCP, '127.0.0.1', 1812)
19:33:43 http   Listening on ::1:1812
19:33:43 http   Connected with connector: < of twisted.protocols.tls.TLSMemoryBIOFactory on 
1812>
19:33:43 http   Connector on host IPv6Address(TCP, '::1', 1812)
19:33:43 http   Listening on 10.0.2.4:1812
19:33:43 http   Connected with connector: < of twisted.protocols.tls.TLSMemoryBIOFactory on 
1812>
19:33:43 http   Connector on host IPv4Address(TCP, '10.0.2.4', 1812)

> netstat -an | egrep '\.1812.*LISTEN'
tcp6   0  0 ::1.1812   *.*LISTEN

I’ve used this exact recipe before without any trouble (the first block, with 
unassigned results from reactor.listen*).. I can’t figure out what I’m missing 
this time.   Does anything stand out to anyone?

Using py27-twisted-13.2.0 port on FreeBSD 9.2.



___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python

Re: [Twisted-Python] maybe video

[Laurens Van Houtven]

Hi Kevin,


Thanks for sharing, always nice to see people doing useful things with
Twisted :-)


lvh
___
Twisted-Python mailing list
Twisted-Python@twistedmatrix.com
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python